EUVD-2015-5282

Malware in sbrugna...

SUSE CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

SUSE: Security Advisory (SUSE-SU-2016:2305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : 1:wpa_supplicant (2017-12e76e8364) (KRACK)

Fix the for the Key Reinstallation Attacks ========================================== - hostapd: Avoid key reinstallation in FT handshake CVE-2017-13082 - Fix PTK rekeying to generate a new ANonce - Prevent reinstallation of an already in-use group key and extend protection of GTK/IGTK...

CVE-2017-13087

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a Wireles...

UBUNTU-CVE-2017-13087

Wi-Fi Protected Access WPA and WPA2 that support 802.11v allows reinstallation of the Group Temporal Key GTK when processing a Wireless Network Management WNM Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients...

[ASA-201710-22] wpa_supplicant: man-in-the-middle

Arch Linux Security Advisory ASA-201710-22 ========================================== Severity: High Date : 2017-10-16 CVE-ID : CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13087 CVE-2017-13088 Package : wpasupplicant Type : man-in-the-middle...

SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2016:2305-1)

This update for wpasupplicant fixes the following issues : - CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding. bnc930077 - CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing. bnc930078 - CVE-2015-4143: EAP-pwd missing payload length validation...

FreeBSD : hostapd and wpa_supplicant -- multiple vulnerabilities (976567f6-05c5-11e6-94fa-002590263bf5)

Jouni Malinen reports : wpasupplicant unauthorized WNM Sleep Mode GTK control. 2015-6 - CVE-2015-5310 EAP-pwd missing last fragment length validation. 2015-7 - CVE-2015-5315 EAP-pwd peer error path failure on unexpected Confirm message. 2015-8 - CVE-2015-5316 %NASLMINLEVEL 70300 C Tenable Network...

Code injection

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

DEBIAN-CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

CVE-2015-5310

CVE-2015-5310 affects wpa_supplicant 2.x prior to 2.6. The WNM Sleep Mode code does not properly ignore key data in response frames when MFP was not negotiated, allowing remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service via a WNM Sleep Mode response....

CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

hostapd and wpa_supplicant -- multiple vulnerabilities

Jouni Malinen reports: wpasupplicant unauthorized WNM Sleep Mode GTK control. 2015-6 - CVE-2015-5310 EAP-pwd missing last fragment length validation. 2015-7 - CVE-2015-5315 EAP-pwd peer error path failure on unexpected Confirm message. 2015-8 - CVE-2015-5316...